<!DOCTYPE html>
<html lang="zh-cn">
<head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <title>Linux Glib漏洞修复经历 - Feng&#39;s Blog - 大灰鼠的博客</title>
  <meta name="renderer" content="webkit" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>

<meta http-equiv="Cache-Control" content="no-transform" />
<meta http-equiv="Cache-Control" content="no-siteapp" />

<meta name="theme-color" content="#f8f5ec" />
<meta name="msapplication-navbutton-color" content="#f8f5ec">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="#f8f5ec">


<meta name="author" content="Feng" /><meta name="description" content="前两天收到阿里云邮件，一看又炸眼了！Linux漏洞又来了（看来这Linux也不是铁板一块呀），这次的漏洞是Linux Glibc（幽灵漏洞） &amp;lt;br" /><meta name="keywords" content="feng, 折腾人生, 电脑维修, 手机玩转, 技术心得, 拆机, 网站建设, 快乐悠悠, uu, 悠悠, 博客" />






<meta name="generator" content="Hugo 0.76.5 with theme even" />


<link rel="canonical" href="https://uu126.gitee.io/2015/195.html" />
<link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="manifest" href="/manifest.json">
<link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5">



<link href="/sass/main.min.c7bc1becf36bcf6a9ebd25d2947e43a2eb745ddb0c9a32b43126fd7fa460c351.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.1.20/dist/jquery.fancybox.min.css" integrity="sha256-7TyXnr2YU040zfSP+rEcz29ggW4j56/ujTPwjMzyqFY=" crossorigin="anonymous">


<meta property="og:title" content="Linux Glib漏洞修复经历" />
<meta property="og:description" content="前两天收到阿里云邮件，一看又炸眼了！Linux漏洞又来了（看来这Linux也不是铁板一块呀），这次的漏洞是Linux Glibc（幽灵漏洞） &lt;br" />
<meta property="og:type" content="article" />
<meta property="og:url" content="https://uu126.gitee.io/2015/195.html" />
<meta property="article:published_time" content="2015-01-31T12:17:16+00:00" />
<meta property="article:modified_time" content="2015-01-31T12:17:16+00:00" />
<meta itemprop="name" content="Linux Glib漏洞修复经历">
<meta itemprop="description" content="前两天收到阿里云邮件，一看又炸眼了！Linux漏洞又来了（看来这Linux也不是铁板一块呀），这次的漏洞是Linux Glibc（幽灵漏洞） &lt;br">
<meta itemprop="datePublished" content="2015-01-31T12:17:16+00:00" />
<meta itemprop="dateModified" content="2015-01-31T12:17:16+00:00" />
<meta itemprop="wordCount" content="1258">



<meta itemprop="keywords" content="CentOS,漏洞," />
<meta name="twitter:card" content="summary"/>
<meta name="twitter:title" content="Linux Glib漏洞修复经历"/>
<meta name="twitter:description" content="前两天收到阿里云邮件，一看又炸眼了！Linux漏洞又来了（看来这Linux也不是铁板一块呀），这次的漏洞是Linux Glibc（幽灵漏洞） &lt;br"/>

<!--[if lte IE 9]>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/classlist/1.1.20170427/classList.min.js"></script>
<![endif]-->

<!--[if lt IE 9]>
  <script src="https://cdn.jsdelivr.net/npm/html5shiv@3.7.3/dist/html5shiv.min.js"></script>
  <script src="https://cdn.jsdelivr.net/npm/respond.js@1.4.2/dest/respond.min.js"></script>
<![endif]-->

</head>
<body>
  <div id="mobile-navbar" class="mobile-navbar">
  <div class="mobile-header-logo">
    <a href="/" class="logo">Feng&#39;s Blog</a>
  </div>
  <div class="mobile-navbar-icon">
    <span></span>
    <span></span>
    <span></span>
  </div>
</div>
<nav id="mobile-menu" class="mobile-menu slideout-menu">
  <ul class="mobile-menu-list">
    <a href="/">
        <li class="mobile-menu-item">Home</li>
      </a><a href="/post/">
        <li class="mobile-menu-item">Archives</li>
      </a><a href="/tags/">
        <li class="mobile-menu-item">Tags</li>
      </a><a href="/links/">
        <li class="mobile-menu-item">Links</li>
      </a><a href="/ly/">
        <li class="mobile-menu-item">Ly</li>
      </a><a href="/about/">
        <li class="mobile-menu-item">About</li>
      </a>
  </ul>
</nav>
  <div class="container" id="mobile-panel">
    <header id="header" class="header">
        <div class="logo-wrapper">
  <a href="/" class="logo">Feng&#39;s Blog</a>
</div>

<nav class="site-navbar">
  <ul id="menu" class="menu">
    <li class="menu-item">
        <a class="menu-item-link" href="/">Home</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/post/">Archives</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/tags/">Tags</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/links/">Links</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/ly/">Ly</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/about/">About</a>
      </li>
  </ul>
</nav>
    </header>

    <main id="main" class="main">
      <div class="content-wrapper">
        <div id="content" class="content">
          <article class="post">
    
    <header class="post-header">
      <h1 class="post-title">Linux Glib漏洞修复经历</h1>

      <div class="post-meta">
        <span class="post-time"> 2015-01-31 </span>
        <div class="post-category">
            <a href="/categories/%E7%BD%91%E7%AB%99%E5%BB%BA%E8%AE%BE/"> 网站建设 </a>
            </div>
          <span class="more-meta"> 约 1258 字 </span>
          <span class="more-meta"> 预计阅读 3 分钟 </span>
        
      </div>
    </header>

    <div class="post-toc" id="post-toc">
  <h2 class="post-toc-title">文章目录</h2>
  <div class="post-toc-content always-active">
    <nav id="TableOfContents"></nav>
  </div>
</div>
    <div class="post-content">
      <p>前两天收到阿里云邮件，一看又炸眼了！Linux漏洞又来了（看来这Linux也不是铁板一块呀），这次的漏洞是Linux Glibc（幽灵漏洞）<br>
<a href="http://uu126.cn/wp-content/uploads/2015/01/1422630742722.jpg" alt="Linux Glib漏洞修复经历" title="Linux Glib漏洞修复经历" target="_blank"  rel="nofollow" ><img  class="alignnone size-full wp-image-1388"  class="lazyload" data-src="http://uu126.cn/wp-content/uploads/2015/01/1422630742722.jpg" src="https://cdn.jsdelivr.net/gh/moezx/cdn@3.0.2/img/svg/loader/trans.ajax-spinner-preloader.svg" onerror="imgError(this)"  alt="1422630742722" width="500" height="286" /></a>&lt;br / &gt;</p>
<noscript>
  <img class="alignnone size-full wp-image-1388" src="http://uu126.cn/wp-content/uploads/2015/01/1422630742722.jpg" alt="1422630742722" width="500" height="286" /></a><br />
</noscript> 俺家的CentOS看来也得赶紧修复了，这不今天抽出时间赶紧来修复一下。先来看看各家（阿里云和腾讯云）给出的办法，其实都差不多，下面就来说说我自己的修复经历吧。
<p>第一次是用阿里云给出的CentOS修复方法：</p>
<pre class="php">yum update glibc</pre>
<p>很快就OK了（后来二次证明确实这样就行了），可后来又看到需要先运行清理再升级（这是腾讯云给的办法，阿里云论坛上也有人反应），具体的命令是：</p>
<pre class="php">yum clean all; yum update glibc</pre>
<p>结果这一操作后，前面的清理倒是顺利，后面的升级就不行了，每次都升级失败，这当中超时占主要部分（天朝呀！），反复重启试了几次都不行，干脆回滚了快照，还是按照先头阿里云给出的办法直接修复，后来不放心，又按阿里云给出的测试脚本：</p>
<pre class="others">#include &lt;netdb.h&gt;
#include &lt;stdio.h&gt;
#include &lt;stdlib.h&gt;
#include &lt;string.h&gt;
#include &lt;errno.h&gt;
#define CANARY "in_the_coal_mine"
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;
  /*** strlen (name) = size_needed -sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) -16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = ' ';
  retval = gethostbyname_r(name,&resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
  if (strcmp(temp.canary, CANARY) !=0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  if (retval == ERANGE) {
    puts("notvulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should nothappen");
  exit(EXIT_FAILURE);
}</pre>
<p>将上述代码内容保存为GHOST.c，上传到服务器，直接;</p>
<pre class="others">[root@AYxxxxxxxxxxx ~]# ./GHOST
notvulnerable</pre>
<p>根据阿里云的说法，测试结果如果是：notvulnerable就说明漏洞修复成功了，反之如果是vulnerable ，则表示存在漏洞，需要进行修复。还有前面忘了说明一下了，当修复好漏洞后，可以使用命令查看</p>
<pre class="others">rpm –qa|grep glibc-2.12</pre>
<p>具体结果依据你的系统会有所不一样：</p>
<table class="read_form" cellspacing="0" cellpadding="0">
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="center">
        <span style="font-family: 微软雅黑;"><span style="font-size: small;">OS版本</span></span>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;left&quot;&gt;
    &lt;div align=&quot;center&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;对应Glibc版本&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">CentOS6.x/redhat6.x</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;right&quot;&gt;
    &lt;div align=&quot;left&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;glibc-2.12-1.149.el6_6.5&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">OS版本: CentOS 6.2 安全版(tlinux)</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;right&quot;&gt;
    &lt;div align=&quot;left&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;glibc-2.12-1.149.tl1.5&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">CentOS5.x/redhat5.x</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;right&quot;&gt;
    &lt;div align=&quot;left&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;glibc-2.5-123.el5_11.1&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
</table>
<div align="left">
  <span style="font-family: 微软雅黑;"><span style="font-size: small;"> </span></span>
</div>
<div align="left">
  <span style="font-family: 微软雅黑;"><span style="font-size: small;">OS： Ubuntu 更新方法如下：【针对Ubuntu，腾讯云软件仓库已完成同步】</span></span>
</div>
<div align="left">
  <span style="font-family: 微软雅黑;"><span style="font-size: small;">1）用户使用root权限登录系统或使用sudo获取root权限，执行以下命令：#apt-get update#apt-get install libc6</span></span>
</div>
<div align="left">
  <span style="font-family: 微软雅黑;"><span style="font-size: small;">2）执行完成以后，查看版本， 输出如下表示更新完成：root@VM-ubuntu:~# dpkg -l|grep libc6</span></span>
</div>
<table class="read_form" cellspacing="0" cellpadding="0">
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="center">
        <span style="font-family: 微软雅黑;"><span style="font-size: small;">OS版本</span></span>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;left&quot;&gt;
    &lt;div align=&quot;center&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;对应Glibc版本&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">Ubuntu12.x</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;right&quot;&gt;
    &lt;div align=&quot;left&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;2.15-0ubuntu10.10&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">Ubuntu14.x</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;right&quot;&gt;
    &lt;div align=&quot;left&quot;&gt;
      &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;2.19-0ubuntu6&lt;/span&gt;&lt;/span&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/td&gt;
</code></pre>
  </tr>
  <tr>
    <td colspan="1" rowspan="1" width="215">
      <div align="left">
        <div align="left">
          <span style="font-family: 微软雅黑;"><span style="font-size: small;">Ubuntu10.x</span></span>
        </div>
      </div>
    </td>
<pre><code>&lt;td colspan=&quot;1&quot; rowspan=&quot;1&quot; width=&quot;271&quot;&gt;
  &lt;div align=&quot;left&quot;&gt;
    &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;2.11.1-0ubuntu7.20&lt;/span&gt;&lt;/span&gt;
  &lt;/div&gt;
  
  &lt;p&gt;
    &lt;span style=&quot;font-family: 微软雅黑;&quot;&gt;&lt;span style=&quot;font-size: small;&quot;&gt;&lt;br /&gt; &lt;/span&gt;&lt;/span&gt;&lt;/td&gt; &lt;/tr&gt; &lt;/tbody&gt; &lt;/table&gt; 
    
    &lt;p&gt;
      至此，俺家的CentOS应该穿上防护衣了，又可以继续的得瑟了，呵呵！&lt;br /&gt; &amp;nbsp;&lt;br /&gt; &amp;nbsp;
    &lt;/p&gt;</code></pre>

    </div>

    <div class="post-copyright">
  <p class="copyright-item">
    <span class="item-title">文章作者</span>
    <span class="item-content">Feng</span>
  </p>
  <p class="copyright-item">
    <span class="item-title">上次更新</span>
    <span class="item-content">
        2015-01-31
        
    </span>
  </p>
  
  
</div>
<div class="post-reward">
  <input type="checkbox" name="reward" id="reward" hidden />
  <label class="reward-button" for="reward">赞赏支持</label>
  <div class="qr-code">
    
    <label class="qr-code-image" for="reward">
        <img class="image" src="https://cdn.uu126.cn/hugo/wechat.png">
        <span>微信打赏</span>
      </label>
    <label class="qr-code-image" for="reward">
        <img class="image" src="https://cdn.uu126.cn/hugo/alipay.png">
        <span>支付宝打赏</span>
      </label>
  </div>
</div><footer class="post-footer">
      <div class="post-tags">
          <a href="/tags/centos/">CentOS</a>
          <a href="/tags/%E6%BC%8F%E6%B4%9E/">漏洞</a>
          </div>
      <nav class="post-nav">
        <a class="prev" href="/2015/196.html">
            <i class="iconfont icon-left"></i>
            <span class="prev-text nav-default">电脑主机（主板）前置音频连接方法</span>
            <span class="prev-text nav-mobile">上一篇</span>
          </a>
        <a class="next" href="/2015/194.html">
            <span class="next-text nav-default">淘宝网创新“极速退款” 网购退款只需1秒</span>
            <span class="next-text nav-mobile">下一篇</span>
            <i class="iconfont icon-right"></i>
          </a>
      </nav>
    </footer>
  </article>
        </div>
        

  
  <div id="vcomments"></div>
  <script src="//cdn1.lncld.net/static/js/3.0.4/av-min.js"></script>
  <script src='//unpkg.com/valine/dist/Valine.min.js'></script>
  <script type="text/javascript">
    new Valine({
        el: '#vcomments' ,
        appId: '5sMkTX4FLjetFnfbOhaDTCDJ-9Nh9j0Va',
        appKey: '25KXCqIqAN142RQn4fBrsI87',
        notify:  false ,
        verify:  false ,
        avatar:'mm',
        placeholder: '说点什么吧...',
        visitor:  false 
    });
  </script>

  

      </div>
    </main>

    <footer id="footer" class="footer">
      <div class="social-links">
  <a href="https://uu126.gitee.io/index.xml" type="application/rss+xml" class="iconfont icon-rss" title="rss"></a>
</div>

<div class="copyright">
  <span class="copyright-year">  
  Hosted by <a href="https://pages.coding.me" style="font-weight: bold">Coding Pages</a> + <a href="https://cloud.tencent.com/redirect.php?redirect=1005&cps_key=4e78216aea817227ff0c96d93a00fd4b" target="_blank" rel="nofollow">腾讯云 + </a><a href="https://console.upyun.com/register/?invite=S1JeTquHL" target="_blank" rel="nofollow"><span class="with-love"><img src="https://cdn.lancn.cn/images/upyun.png" style="width:45px;vertical-align:middle;" alt="又拍云存储"></span></a>
   </span> 
  <div class="busuanzi-footer">
    <a target="_blank"  href="http://www.beian.miit.gov.cn">浙ICP备11026647号-3</a><span class="post-meta-divider"> | </span><a target="_blank" href="http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=33088102001325"><span class="with-love"><img src="https://cdn.uu126.cn/icon-police.png" style="width:14px;"></span> 浙公网安备33088102001325号</a>
  </div>
  <span class="power-by">
    由 <a class="hexo-link" href="https://gohugo.io">Hugo</a> 强力驱动
  </span>
  <span class="division">|</span>
  <span class="theme-info">
    主题 - 
    <a class="theme-link" href="https://github.com/olOwOlo/hugo-theme-even">Even</a>
  </span>
   

  

  <span class="copyright-year">
    &copy; 
    2012 - 
    2020<span class="heart"><i class="iconfont icon-heart"></i></span><span>Feng</span>
  </span>
</div>

    </footer>

    <div class="back-to-top" id="back-to-top">
      <i class="iconfont icon-up"></i>
    </div>
  </div>
  <script src="/lib/highlight/highlight.pack.js?v=20171001"></script>
  <script src="https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js" integrity="sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4=" crossorigin="anonymous"></script>
  <script src="https://cdn.jsdelivr.net/npm/slideout@1.0.1/dist/slideout.min.js" integrity="sha256-t+zJ/g8/KXIJMjSVQdnibt4dlaDxc9zXr/9oNPeWqdg=" crossorigin="anonymous"></script>
  <script src="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.1.20/dist/jquery.fancybox.min.js" integrity="sha256-XVLffZaxoWfGUEbdzuLi7pwaUJv1cecsQJQqGLe7axY=" crossorigin="anonymous"></script>



<script type="text/javascript" src="/js/main.min.c12618f9a600c40bd024996677e951e64d3487006775aeb22e200c990006c5c7.js"></script>








</body>
</html>
